projects / online-glom:gwt-glom.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9a1f3ed) | patch
OnlineGlomLoginServlet.checkAuthentication(): Require HTTPS.
authorMurray Cumming <murrayc@murrayc.com>
Wed, 19 Dec 2012 21:14:42 +0000 (22:14 +0100)
committerMurray Cumming <murrayc@murrayc.com>
Wed, 19 Dec 2012 21:27:24 +0000 (22:27 +0100)
commitf1ac487e38756a86e1f2c6be80e840c8d9b161d5
treecd798f11f7a57ac4bfa962f74f71476bd18069a8tree | snapshot
parent9a1f3edc39a9894df5a9ec5706490ef971c94604commit | diff
OnlineGlomLoginServlet.checkAuthentication(): Require HTTPS.

        * pom.xml: Use HTTPS when running jetty for testing via mvn gwt:run.
This annoys us with a security warning about the self-signed certificate,
but it's better than the risk of deactivating the checks.
        * src/main/java/org/glom/web/server/OnlineGlomLoginServlet.java:
        checkAuthentication(): Refuse to check if the servlet is not running via
HTTPS.
        * src/main/webapp/WEB-INF/web.xml: Add a comment about why we do
not require HTTPS for the login servlet in all cases.
ChangeLog diff | blob | history
pom.xml diff | blob | history
src/main/java/org/glom/web/client/activity/DocumentLoginActivity.java diff | blob | history
src/main/java/org/glom/web/server/OnlineGlomLoginServlet.java diff | blob | history
src/main/webapp/WEB-INF/web.xml diff | blob | history
3588367351ee6b8a4fb5bb546975a07e72